updated 10:30 am EDT, Tue July 17, 2007
iPhone web-dialing flaws
A web security company is warning against using a feature of the iPhone's web browser. According to SPI Dynamics, the ability to tap a link in Safari and have the phone dial a number may be convenient, but it may also be exploitable by attackers. Examples given include the ability to track phone calls or redirect them to a number of an attacker's choosing, such as a 1-900 number; more serious threats involve calls being placed without confirmation, an infinite calling loop that can only be escaped by shutting the phone off, or even the blocking of phone calls altogether.
Worsening the problem is the availability of three different attack vectors: a malicious website built for the purpose is one option, but an attacker could also abuse a cross-site scripting flaw on a legitimate site, or deliver the code through a web worm.
SPI says it reported its findings to Apple earlier in the month and is cooperating with the company to close the holes; until then, it suggests that iPhone owners simply avoid dialing from Safari at all.